package cn.dsp.admin.controller;


import cn.dsp.admin.config.MyUsernamePasswordToken;
import cn.dsp.admin.entity.admin.Admin;
import cn.dsp.admin.service.IAdminService;
import cn.dsp.admin.utils.JsonResult;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;


@Controller
@RequestMapping("shiro")
public class shiroController extends BaseController{
    @Autowired
    private IAdminService adminService;


    //登录
    @PostMapping("login")
    @ResponseBody
    public JsonResult<Admin> loginAdmin(@RequestParam("adminName") String username, @RequestParam("password") String password, HttpSession session){
        Admin data = adminService.getByAdminName(username);
        // 当前用户  添加用户认证信息
        Subject currentUser = SecurityUtils.getSubject();
        // 验证是否身份认证֤
       if (!currentUser.isAuthenticated()) {
            // 将用户名、密码封装为token
           MyUsernamePasswordToken token = new MyUsernamePasswordToken(username, password);
            // rememberMe
            token.setRememberMe(false);
            try {
                // 执行登录
                currentUser.login(token);
                System.out.println("登陆成功！");
                session.setAttribute("adminId",data.getAdminId());
                session.setAttribute("adminName",data.getAdminName());
                session.setAttribute("storeId",data.getStoreId());
            } catch (UnknownAccountException uae) {
                System.out.println("There is no user with username of " + token.getPrincipal());
                return new JsonResult<>(uae);
            } catch (IncorrectCredentialsException ice) {
                System.out.println("用户："+token.getPrincipal()+",Password 不正确 ");
                return new JsonResult<>(ice);
            } catch (LockedAccountException lae) {
                System.out.println("The account for username " + token.getPrincipal() + " is locked.  "+ "Please contact your administrator to unlock it.");
                return new JsonResult<>(lae);
            } catch (AuthenticationException ae) {
                System.out.println("authentication fail!");
                return new JsonResult<>(ae);
            }catch (Exception e){
                System.out.println("失败！！");
                return new JsonResult<>(e);
            }
        }
        return new JsonResult<>(SUCCESS,data);

    }
    //退出
    @GetMapping("logout")
    @ResponseBody
    public JsonResult<Void> logout(){
        Subject subject = SecurityUtils.getSubject();
        if (subject !=null){
            subject.logout();
        }
        return new JsonResult<>(SUCCESS);
    }

    //访问toLogin
    @GetMapping({"/toLogin","/"})
    public String login(){
       /* String role = "admin";
        UsernamePasswordToken token = new UsernamePasswordToken(role,"123456");
        Subject subject = SecurityUtils.getSubject();
        subject.login(token);*/
        return "redirect:/web/admin/login.html";
    }
    //拥有admin角色才能访问
    @RequestMapping("/admin")
    @ResponseBody
    @RequiresRoles("admin")
    public String admin(){
        return "admin success";
    }

    //拥有develop角色才能访问
    @RequestMapping("/develop")
    @ResponseBody
    @RequiresRoles("develop")
    public String develop(){
        return "develop success";
    }

    //拥有delete权限才能访问
    @RequestMapping("/delete")
    @ResponseBody
    @RequiresPermissions("delete")
    public String delete(){
        return "delete success";
    }

    //拥有delete权限才能访问
    @RequestMapping("/update")
    @ResponseBody
    public String update(){
        return "update success";
    }

    //访问首页
    @RequestMapping("index")
    public String index(){
        return "redirect:/web/index.html";
    }

}
